Hardening Plone, a military-strength CMS

Hardening Plone A Military-Strength CMS

Hardening Plone Hardening the Plone stack A Military-Strength CMS A Military-Strength CMS and its infrastructure 2

Class rules ● Feel free to ask questions 3

About us ● Kees Hink ● Plone developer since January 2008 ● Kim Chee Leong ● Plone developer since May 2007 4

Introduction ● This talk is about: ● Making the Plone stack even more secure ● Not much about Plone itself ● How to get others to acknowledge that it's secure ● For who? ● New to Plone ● Marketing ● Developers 5

Overview of sections ● Why security? ● Our use case ● Plone ● Infrastructure ● Audits (and feedback) 6

The internet is evil ● Have to protect against: ● Cross site scripting ● Unencrypted connections ● Spoofing ● Password cracking ● Mail interception ● Server hacking ● SQL injection 7

SQL Injection Comic by XKCD: http://xkcd.com/327/ 8

Our use case ● Two portals: ● Plone as a DMS for online collaboration – Largely standard Plone – Alternative to Sharepoint – Sensitive data ● Plone as a user friendly file upload system – Document upload by suppliers – User friendly upload 9

Security of default Plone ● Plone (Zope) is pretty secure by default ● Quantitative comparison: – Track number of hits on Google – See nr. of vulnerabilities in the National Vulnerability Database ● Qualititative comparison: – See article “security overview of plone” on plone.org 10

Small Plone modifications ● Disable self- registration ● Workflow + permissions ● Additional Products – Aagje (activity log) – LoginLockout 11

How to protect? ● Let's start with a secure location 12

Infrastructure ● Secure hosting ● Trusted hosting partner ● Secure hosting ● Dedicated servers ● Operating system ● Security updates ● Company procedures ● Who has access? 13

● Only HTTPS port is opened to the internet ● VPN-only access for all except HTTPS 14

Infrastructure: OS ● Modifications on Debian Linux to enhance security – Different system user for each Zope instance – Regular security update – Tighten filesystem permissions 15

Infrastructure: Web server ● Apache – HTTPS – Get an SSL certificate (Thawte, VeriSign) – No rewrite rule for Zope root – Keep log files 16

SSL certificate 17

Just to keep your attention 18 http://xkcd.com

Audits ● Document your procedures ● We are using parts of ITIL ● Get audits ● Technical audit ● Process audit 19

Technical security audit ● Done by 3rd party ● They have a checklist ● They report back in a structured way ● Black box audit ● From outside, on Plone portal ● Crystal box audit ● On server, with root access ● Check user permissions, etc. 20

Recommendations for Plone ● Plone itself is pretty secure ● Modifications: ● Quota (file upload limit) ● Cookie settings (HTTPOnly, Secure), fixed with Apache ● And, of course: ● disable self-registration, check workflow, permissions, use LoginLockout 21

Recommendations outside Plone ● Modifications: ● Use HTTPS only (no redirects from HTTP) ● Paranoid user permission restrictions ● Caching header control ● And, of course: ● secure hosting, VPN, security updates, etc. 22

Technical audit final result ● We implemented these recommendations for the next audit, which was tested again and approved: 23

Process security audit ● Done by our client's accountants ● Check processes: ● Talk about our server management documents (esp. security-related) ● Talk about certification of hosting partner ● Talk to technical auditing party ● Talk to us, again... 24

Recommendations for Plone ● Confidentiality and user agreement 25

Process audit final result ● We passed! 26 Image by Getty images

Wrapping up ● Done: ● Think about how to secure our existing setup even more ● Have specialists check our setup + procedures ● Implement their recommendations ● Result: Plone is officially 100% secure. 27

Remaining questions? 28

http://www.leong.nl	353
http://www.slideshare.net	11
http://translate.googleusercontent.com	1

Hardening Plone, a military-strength CMS

by khink on Nov 27, 2009

Accessibility

Categories

Tags

Upload Details

Usage Rights

3 Embeds 365

Statistics

Hardening Plone, a military-strength CMS — Presentation Transcript